[go: up one dir, main page]

CN105191332A - Method and device to embed watermark in uncompressed video data - Google Patents

Method and device to embed watermark in uncompressed video data Download PDF

Info

Publication number
CN105191332A
CN105191332A CN201480022618.6A CN201480022618A CN105191332A CN 105191332 A CN105191332 A CN 105191332A CN 201480022618 A CN201480022618 A CN 201480022618A CN 105191332 A CN105191332 A CN 105191332A
Authority
CN
China
Prior art keywords
watermark
content
cas
random number
activation module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201480022618.6A
Other languages
Chinese (zh)
Other versions
CN105191332B (en
Inventor
迪迪埃·胡尼亚切克
陈明松
皮埃尔·萨尔达
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nagravision SARL
Original Assignee
Nagravision SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nagravision SA filed Critical Nagravision SA
Publication of CN105191332A publication Critical patent/CN105191332A/en
Application granted granted Critical
Publication of CN105191332B publication Critical patent/CN105191332B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • H04N21/8358Generation of protective data, e.g. certificates involving watermark
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T1/00General purpose image data processing
    • G06T1/0021Image watermarking
    • G06T1/0092Payload characteristic determination in a watermarking scheme, e.g. number of bits to be embedded
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • H04N21/63345Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • H04N21/8355Generation of protective data, e.g. certificates involving usage data, e.g. number of copies or viewings allowed
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T2201/00General purpose image data processing
    • G06T2201/005Image watermarking
    • G06T2201/0064Image watermarking for copy protection or copy management, e.g. CGMS, copy only once, one-time copy

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Editing Of Facsimile Originals (AREA)
  • Storage Device Security (AREA)

Abstract

本发明的目的在于向在客户端设备接收的内容施加水印,更具体地向未压缩的视频内容施加水印。本发明涉及一种用于向在客户端设备处接收的未压缩的内容加水印的方法,所述未压缩的内容处于压缩的形式且由至少一个内容密钥(CW)加密,所述内容密钥(CW)以及水印指令形成CAS数据,所述CAS数据被利用发送密钥加密并且包括用于认证所述CAS数据的至少一个签名,所述客户端设备包括:条件访问模块(CAS),管理所述CAS数据,解扰器(DSC),具有用于接收加密的压缩的内容的输入、以及用于产生压缩的内容的输出,解码器,用于将所述压缩的内容转换成未压缩的内容,水印插入器(201),连接到所述解码器的输出,安全激活模块(202),连接到所述水印插入器(201),安全单元(SE?200),连接到所述水印插入器(201)和安全激活模块(202),所述方法包括以下步骤:-接收所述CAS数据,-由所述条件访问模块(CAS)利用所述发送密钥对所述CAS数据进行解密,-验证所述CAS数据的签名,且如果所述签名有效,-则向所述解扰器(103)传输所述内容密钥(CW)并向所述安全激活模块(202)传输所述水印指令,-向所述水印插入器(201)传输所述水印指令和唯一的标识符,-由所述水印插入器(201)启用或禁用利用由所述唯一标识符初始化的水印数据向从所述解码器接收的未压缩的内容加水印。

It is an object of the present invention to apply a watermark to content received at a client device, more particularly to uncompressed video content. The present invention relates to a method for watermarking uncompressed content received at a client device, said uncompressed content being in compressed form and encrypted by at least one content key (CW), said content key A key (CW) and a watermark instruction form CAS data, the CAS data is encrypted with a sending key and includes at least one signature for authenticating the CAS data, the client device includes: a conditional access module (CAS), a management The CAS data, a descrambler (DSC), has an input for receiving encrypted compressed content, and an output for producing compressed content, and a decoder for converting the compressed content into uncompressed content, watermark inserter (201), connected to the output of said decoder, security activation module (202), connected to said watermark inserter (201), security element (SE? 200), connected to said watermark inserter A device (201) and a security activation module (202), the method includes the following steps: - receiving the CAS data, - decrypting the CAS data by the conditional access module (CAS) using the sending key, - verify the signature of said CAS data, and if said signature is valid, - transmit said content key (CW) to said descrambler (103) and transmit said watermark to said security activation module (202) instructions, - transmit said watermark instructions and a unique identifier to said watermark inserter (201), - enable or disable by said watermark inserter (201) the use of watermark data initialized by said unique identifier to send from said watermark inserter (201) Watermarks the uncompressed content received by the decoder described above.

Description

用于在未压缩的视频数据中嵌入水印的方法和设备Method and apparatus for embedding watermark in uncompressed video data

背景技术Background technique

由于水印在客户端中被单独完成,所以在未压缩的域上使用水印方案是优选的,且由于其在未压缩的域中被完成,所以其通常提供了最好的水印插入能力和更好的隐形性。Using a watermarking scheme on the uncompressed domain is preferable since the watermarking is done in the client alone, and since it is done in the uncompressed domain, it usually provides the best watermark insertion capability and better invisibility.

但是解码器(针对未压缩的水印)之后的工作未提供与链接到数据解扰的安全单元的互动,从而在解码器之前出现。But the work after the decoder (for uncompressed watermarks) provides no interaction with the security element linked to the descrambling of the data, thus occurring before the decoder.

文档US2010/128871描述了一种解决方案,在该解决方案中,产生了辅助流,其包括允许重构主流且同时向重构流抹泥(marl)的数据。因此,相同的流包含加扰数据和水印数据。在接收处,将该流处理为在修改的流中要被替换的一组数据。Document US 2010/128871 describes a solution in which an auxiliary stream is generated comprising data allowing reconstruction of the main stream and at the same time marl to the reconstruction stream. Therefore, the same stream contains scrambled data and watermarked data. On receive, process the stream as a set of data to be replaced in the modified stream.

文档EP2391125描述了一种解决方案,该解决方案基于对所有设备公共的流允许单个标记(在接收设备处)。控制对象包含原始值、替代值和位置。安全单元确定要对替代值应用以获取原始值的算术操作。根据接收设备的内部参数来改变算术操作,以便算术操作将是每设备唯一的,如果分析了解扰数据的流,则允许跟踪该设备。Document EP2391125 describes a solution that allows a single marker (at the receiving device) based on a stream that is common to all devices. Control objects contain original values, substitute values, and positions. The security unit determines the arithmetic operation to be applied on the substitute value to obtain the original value. Altering the arithmetic operation according to the internal parameters of the receiving device so that the arithmetic operation will be unique per device, allowing tracking of the device if the stream of descrambled data is analyzed.

发明内容Contents of the invention

在所提出的解决方案中,相同的内容对象包括要解扰主要内容和标记数据的密钥。这仅当相同的单元负责这两个操作时才是合适的且需要能够执行这两个操作的特定解扰器模块。In the proposed solution, the same content object includes the key to descramble the main content and the tagged data. This is only appropriate if the same unit is responsible for both operations and requires a specific descrambler module capable of performing both operations.

本发明的目标在于向由客户端设备接收的内容施加水印,尤其是当负责解扰的单元独立于负责水印的单元时向由客户端设备接收的内容施加水印。It is an object of the present invention to apply a watermark to content received by a client device, especially when the unit responsible for descrambling is independent of the unit responsible for watermarking.

本发明涉及一种用于向在客户端设备处接收的未压缩的内容加水印的方法,所述未压缩的内容处于压缩的形式中并且被由至少一个内容密钥(CW)加密,所述内容密钥(CW)以及水印指令形成CAS数据,所述CAS数据被通过发送密钥加密并且包括用于认证所述CAS数据的至少一个签名,所述客户端设备包括:The present invention relates to a method for watermarking uncompressed content received at a client device, said uncompressed content being in compressed form and encrypted by at least one content key (CW), said A content key (CW) and a watermark instruction form CAS data, the CAS data is encrypted by a sending key and includes at least one signature for authenticating the CAS data, the client device includes:

-条件访问模块(CAS),管理所述CAS数据,- a conditional access module (CAS), managing said CAS data,

-解扰器(DSC),具有用于接收加密的压缩的内容的输入、以及用于产生压缩的内容的输出,- a descrambler (DSC) having an input for receiving encrypted compressed content and an output for generating compressed content,

-解码器,用于将所述压缩的内容转换成未压缩的内容,- a decoder for converting said compressed content into uncompressed content,

-水印插入器(201),连接到所述解码器的输出,- a watermark inserter (201), connected to the output of said decoder,

-安全激活模块(202),连接到所述水印插入器(201),- a security activation module (202), connected to said watermark inserter (201),

-安全单元(SE200),连接到所述水印插入器(201)和安全激活模块(202),- a security element (SE200), connected to said watermark inserter (201) and security activation module (202),

所述方法包括以下步骤:The method comprises the steps of:

-接收所述CAS数据,- receiving said CAS data,

-由所述条件访问模块(CAS)利用所述发送密钥对所述CAS数据进行解密,- decrypting said CAS data by said conditional access module (CAS) using said sending key,

-验证所述CAS数据的签名,并且如果所述签名有效,- verify the signature of said CAS data, and if said signature is valid,

-则向所述解扰器(103)传输所述内容密钥(CW)并且向所述安全激活模块(202)传输所述水印指令,- then transmit said content key (CW) to said descrambler (103) and said watermark instructions to said security activation module (202),

-向所述水印插入器(201)传输所述水印指令和唯一标识符,- transmitting said watermark instructions and a unique identifier to said watermark inserter (201),

-由所述水印插入器(201)启用或禁用利用由所述唯一标识符初始化的水印数据向从所述解码器接收的未压缩的内容加水印。- enabling or disabling, by said watermark inserter (201 ), watermarking of uncompressed content received from said decoder with watermark data initialized by said unique identifier.

附图说明Description of drawings

参照附图将能够更好地理解本发明,在附图中:The invention will be better understood with reference to the accompanying drawings, in which:

图1表示对仅跟在视频解码器之后的未压缩的内容加水印,Figure 1 represents the watermarking of uncompressed content following only the video decoder,

图2表示对输入到HDMI中的未压缩的内容加水印,Figure 2 represents the watermarking of uncompressed content input into HDMI,

图3表示在SE和SA之间的消息交换,Figure 3 shows the exchange of messages between SE and SA,

图4表示在SE和SA之间的消息交换的替代实施例。Figure 4 shows an alternative embodiment of message exchange between SE and SA.

具体实施方式Detailed ways

条件访问数据包括通过一个或多个内容密钥加密的内容(视频或音频数据或其组合),且包括CAS数据,即允许对加密的内容进行解密的数据。CAS数据还包括与描述解码器解密内容要遇到的条件的内容关联的条件访问条件。条件访问数据在接收到请求之后,被广播、单播或发送。CAS数据还可以包括要传送至水印插入器的水印指令。Conditional access data includes content (video or audio data or a combination thereof) encrypted by one or more content keys, and includes CAS data, ie data allowing decryption of the encrypted content. The CAS data also includes conditional access conditions associated with the content describing the conditions to be encountered by the decoder to decrypt the content. Conditional access data is broadcast, unicast, or sent upon receipt of a request. The CAS data may also include watermark instructions to be passed to the watermark inserter.

一旦在解码器中接收到,就将CAS数据从条件访问数据中提取并转发至条件访问模块(图1和2中的CAS),条件访问模块负责执行在有条件的访问条件中定义的安全措施。该模块可以具有若干形式,即物理模块或软件模块。公知的解决方案是具有接口7816的智能卡的形式,但是本发明也适用于诸如USB、LVDH、PCMCIA之类的其他形式的单元或接口。模块CAS也可以集成到安全单元SE中。Once received in the decoder, the CAS data is extracted from the conditional access data and forwarded to the conditional access module (CAS in Figures 1 and 2), which is responsible for enforcing the security measures defined in the conditional access condition . This module can have several forms, namely a physical module or a software module. A known solution is in the form of a smart card with interface 7816, but the invention is also applicable to other forms of units or interfaces such as USB, LVDH, PCMCIA. The module CAS can also be integrated into the security element SE.

该模块包括解密CAS数据以及从CAS数据提取解密该内容的密钥(CW)必需的密钥。除了密钥之外,该模块提取条件(使用规则)并将密钥和条件传输至安全单元SE。要注意的是,在CAS和SE之间的通信被在两个单元上初始化的密钥加密和保护。This module includes the keys necessary to decrypt the CAS data and to extract from the CAS data the key (CW) to decrypt the content. In addition to the key, this module extracts the conditions (use rules) and transmits the key and the conditions to the security element SE. Note that the communication between the CAS and SE is encrypted and protected by keys initialized on both units.

在CAS和SE之间交换的消息可以被标记,即有效载荷的摘要(例如,水印指令、随机数和标识符)由CAS计算(例如使用利用哈希函数)并通过签名密钥加密以生成签名。该签名被添加到消息中且该消息优选地通过发送密钥加密。在接收侧,消息首先被解密且该摘要在有效载荷上计算。随着密钥与签名密钥对应,将所接收的签名解密且将该结果与所计算出的摘要进行比较。如果这两个值是相同的,则该消息是可信的。签名密钥可以是对称密钥或不对称密钥(公/私钥)。Messages exchanged between CAS and SE can be signed, i.e. a digest of the payload (e.g. watermark instructions, nonce, and identifier) is computed by the CAS (e.g. using a hash function) and encrypted by a signing key to generate a signature . The signature is added to the message and the message is preferably encrypted with the sending key. On the receiving side, the message is first decrypted and the digest is computed on the payload. With the key corresponding to the signing key, the received signature is decrypted and the result is compared to the calculated digest. If these two values are the same, the message is authentic. The signing key can be a symmetric key or an asymmetric key (public/private key).

在常规的环境下,由CAS获得的密钥被传输至负责解密内容的解扰器DSC。一旦内容被解密,就由解码器处理该内容以产生未压缩的内容。水印模块WMK接收未压缩的内容并应用水印,该水印被由解码器的唯一标识符参数化。In conventional circumstances, the key obtained by the CAS is transmitted to the descrambler DSC responsible for decrypting the content. Once the content is decrypted, it is processed by a decoder to produce uncompressed content. The watermarking module WMK receives uncompressed content and applies a watermark, which is parameterized by a unique identifier of the decoder.

所提出的解决方案是在由CAS环境提供的安全单元(SE)200(参考图1)与未压缩的域水印单元201之间具有安全链接。The proposed solution is to have a secure link between the Security Element (SE) 200 (cf. Fig. 1 ) and the uncompressed domain watermarking unit 201 provided by the CAS environment.

根据图1,SE200中继CAS数据,其在成功的解扰操作和位于解码器之后的块的活动之间引入了显式的依存关系,即水印插入器。According to Fig. 1, the SE 200 relays the CAS data, which introduces an explicit dependency between the successful descrambling operation and the activity of the block located after the decoder, namely the watermark inserter.

SE200还提供了其他的敏感信息(如设备的唯一ID、CAS模块ID、在CAS数据或密钥中包含的ID)。该信息,如果将该信息用一般文字发送至水印插入器,则该信息可能被拦截和修改。这就是为什么在这两个块之间的连接必须是安全的。SE200 also provides other sensitive information (such as device unique ID, CAS module ID, ID contained in CAS data or key). This information, if sent in plain text to the watermark inserter, may be intercepted and modified. That's why the connection between these two blocks must be secure.

在此,水印插入器201将信息(水印有效载荷)插入到音频和/或视频内容中。该有效载荷独立于从CAS接收的唯一标识符。然后,其可以被黑客绕过(音频和/或视频内容未被发送至水印块),或可以修改有效载荷(水印数据)。可以将该水印插入器放置为仅跟踪解码器之后,或沿着解码器和最终的显示器或TV屏幕之间的传输线,如HDMI发送器。Here, the watermark inserter 201 inserts information (watermark payload) into audio and/or video content. This payload is independent of the unique identifier received from the CAS. It can then be bypassed by hackers (audio and/or video content not sent to the watermark block), or the payload (watermark data) can be modified. The watermark inserter can be placed just after the trace decoder, or along the transmission line between the decoder and the final display or TV screen, like an HDMI sender.

所提出的解决方案确保:The proposed solution ensures:

-用于确保水印插入器201不被绕过且从而在被CAS决定的情况下被激活的方式。如果水印插入器201看上去未被激活,则SE200停止解扰该内容。- A way to ensure that the watermark inserter 201 is not bypassed and thus activated if decided by the CAS. If the watermark inserter 201 does not appear to be activated, the SE 200 stops descrambling the content.

-用于确保在SE200与水印插入器201之间的通信的方式,以便水印插入器201确信地访问其在时刻T需要的信息,例如插入到内容中必须的有效载荷。SE200管理对要插入的信息的全部或部分计算。一般而言,该信息是:代表解码器或CAS模块的唯一标识符(UID)、时间戳(T)、以及如关于内容自身的特定信息(SID)的感兴趣的任何其它信息。在插入到内容中之前,从该数据计算有效载荷。该操作的目标在于保护有效载荷免受攻击或发送错误(通过ECC或诸如塔德斯码(Tardoscode)之类的抗共谋码的计算)。- A way to ensure communication between SE 200 and watermark inserter 201, so that watermark inserter 201 confidently accesses the information it needs at time T, such as the payload necessary to insert into the content. SE 200 manages all or part of the calculation of the information to be inserted. In general, this information is: a unique identifier (UID) representing the decoder or CAS module, a timestamp (T), and any other information of interest like specific information about the content itself (SID). The payload is calculated from this data before being inserted into the content. The goal of this operation is to protect the payload from attack or transmission errors (by computation of ECC or collusion resistant codes such as Tardoscode).

然后,该有效载荷的全部或部分必须由水印系统使用以被插入到内容中。All or part of this payload must then be used by the watermarking system to be inserted into the content.

所提出的解决方案是添加安全激活块202,其激活/去激活水印插入器201。为了安全的原因,推荐就在视频解码器之后且在信任的执行环境(TEE)中实现安全激活块202和水印插入器201。从客户端设备的主机CPU无法实现在安全激活块202(SA202)与水印插入器201之间的访问。The proposed solution is to add a security activation block 202 which activates/deactivates the watermark inserter 201 . For security reasons, it is recommended to implement the security activation block 202 and the watermark inserter 201 just after the video decoder and in a Trusted Execution Environment (TEE). Access between the security activation block 202 (SA202) and the watermark inserter 201 is not possible from the host CPU of the client device.

安全激活块202由一些可访问的寄存器控制,该控制例如经由如图1中示出的私有总线或通过如图2中示出的公共总线(AMBAAPB)。安全激活块202能够至少启用/禁用两个特征:视频内容上的水印、音频内容上的水印、或其结合。在图1和图2中,安全激活块202和水印插入器201在视频内容上连接。The security activation block 202 is controlled by some registers accessible eg via a private bus as shown in FIG. 1 or via a public bus (AMBAAPB) as shown in FIG. 2 . Security activation block 202 is capable of enabling/disabling at least two features: watermark on video content, watermark on audio content, or a combination thereof. In Figures 1 and 2, the security activation block 202 and the watermark inserter 201 are connected on the video content.

主要概念依赖于安全激活块202不得不从SE200接收称为激活消息(AM)的消息以激活/去激活不同的特征的事实。AM也用于发送标记内容必须的有效载荷。由安全激活块202执行的另一特征是与SE200之间用于交换敏感信息的安全链接。例如,SE200可以向安全激活块202发送安全设置。然后,安全激活块202将向水印块201发送它们。The main concept relies on the fact that the security activation block 202 has to receive messages called Activation Messages (AM) from the SE 200 to activate/deactivate different features. AM is also used to send the payload necessary to mark content. Another feature performed by the security activation block 202 is a secure link with SE 200 for exchanging sensitive information. For example, SE 200 may send security settings to security activation block 202 . The security activation block 202 will then send them to the watermark block 201 .

主要的攻击是人记录该消息并从而能够根据其期望来激活或去激活这些特征。该攻击被称为“重放攻击”。The main attack is for a person to record the message and thus be able to activate or deactivate the features according to his desire. This attack is called a "replay attack".

次要的攻击是攻击者试图修改消息的内容。从而,当SE200生成AM时,其应该针对安全激活块202被加密和签名。此外,AM应该嵌入来自真实随机数生成器(TRNG)的随机数。在图3中示出了AM的示例。其应该至少包含随机数、激活标记、有效载荷(包含UID)、有效载荷大小和签名。A secondary attack is where the attacker attempts to modify the content of the message. Thus, when the SE 200 generates the AM, it should be encrypted and signed for the security activation block 202 . Additionally, AM should embed random numbers from a true random number generator (TRNG). An example of AM is shown in FIG. 3 . It should contain at least nonce, activation token, payload (including UID), payload size and signature.

图2描述了一示例,在该示例中设备正在使用HDMI且设备上的水印块201必须被激活。条件访问系统(CAS)将接收CAS数据。根据该示例,CAS数据是授权控制消息ECM的形式。这些ECM包含加密的CW及其使用规则。加密的CW及其使用规则被发送至SE200。使用规则向SE200指示了当前的视频内容必须被加水印。Figure 2 depicts an example where a device is using HDMI and the watermark block 201 on the device must be activated. The conditional access system (CAS) will receive the CAS data. According to this example, the CAS data is in the form of an entitlement control message ECM. These ECMs contain encrypted CWs and their usage rules. The encrypted CW and its usage rules are sent to SE200. The usage rules indicate to the SE 200 that the current video content must be watermarked.

在初始化阶段该SE202和SA202共享在每一设备中存储的公钥。该密钥将用于加密交换的消息,使得内容不能被第三方访问。由于在这两个单元之间的通信可以被第三方截获,所以实现相互认证协议是重要的。每一方应该确保与另一方通话且不利用模拟器。During initialization phase the SE 202 and SA 202 share a public key stored in each device. This key will be used to encrypt the messages exchanged so that the content cannot be accessed by third parties. Since communications between these two units can be intercepted by third parties, it is important to implement a mutual authentication protocol. Each party should make sure to speak to the other party and not utilize an emulator.

向安全激活模块(202)发送的消息包含水印指令。在激活的情况下,要嵌入到内容中的标识符被包括在该消息中。The message sent to the security activation module (202) contains watermark instructions. In case of activation, the identifier to be embedded in the content is included in the message.

然后,可以根据图3执行以下的步骤。Then, the following steps can be performed according to FIG. 3 .

1.CAS接收包含加密的控制字(CW)及其使用规则或访问条件的ECM。1. The CAS receives the ECM containing the encrypted Control Word (CW) and its usage rules or access conditions.

2.SE200解密CW及其使用规则。使用规则陈述了例如应该使用DVB-CSA解扰器解密上述内容且水印应该在视频上被激活。同时,SE200生成激活消息(AM)并添加可变值。该可变值应该针对由安全激活块202生成的每一消息变化。其可以是随机数,在每一消息或时间戳处计数器加1。该值被存储到SE200。AM被加密和签名。然后,AM被发送至安全激活块202。2. SE200 decrypts CW and its usage rules. The rules of use state that eg a DVB-CSA descrambler should be used to decrypt said content and a watermark should be activated on the video. At the same time, SE200 generates an activation message (AM) and adds variable values. This variable value should change for each message generated by the security activation block 202 . It can be a random number, a counter incremented by 1 at every message or timestamp. This value is stored to SE200. AM is encrypted and signed. The AM is then sent to the security activation block 202 .

3.安全激活块202解密并认证AM。如果认证成功,则安全激活块202检查该可变值,以确定与先前的值相比所接收的值是否已经改变。在计数器的情况下,所接收的可变值应该比最近接收的可变值更高。同样适用于时间戳,与在先前的消息中所接收的时间戳相比,新接收的时间戳应该提前。对于随机数,安全激活块202应该存储所有先前接收的随机数(或至少预先定义的数例如最近的20),以将所接收的随机数与在该消息中包含的值进行比较。3. The security activation block 202 decrypts and authenticates the AM. If the authentication is successful, security activation block 202 checks the mutable value to determine if the received value has changed from a previous value. In the case of a counter, the variable value received should be higher than the most recently received variable value. The same applies to timestamps, which should be advanced for newly received timestamps compared to those received in previous messages. For nonces, the security activation block 202 should store all previously received nonces (or at least a predefined number such as the most recent 20) to compare received nonces with the value contained in the message.

在可变值不符合上述提及的规则中的一个的情况下,拒绝该消息。否则,安全激活块202根据AM的内容激活上述特征。在认证之后,安全激活块生成被加密和签名的确认消息(ACKM)。该ACKM被发送回SE200。其应该至少包含与AM相同的随机数,且其还应该包含激活标记、有效载荷(UID)、有效载荷大小、ACK标记和签名。然后,随机数由安全激活块202存储,以避免在后来呈现相同的消息。In case the variable value does not comply with one of the above mentioned rules, the message is rejected. Otherwise, the security activation block 202 activates the above features according to the content of the AM. After authentication, the security activation block generates an acknowledgment message (ACKM) that is encrypted and signed. This ACKM is sent back to SE200. It should contain at least the same nonce as AM, and it should also contain Activation Flag, Payload (UID), Payload Size, ACK Flag and Signature. The random number is then stored by the security activation block 202 to avoid presenting the same message at a later time.

4.SE200解密并认证ACKM。ACKM应该包含与AM中的那个相同的随机数。如果ACKM未被正确地认证,未被准时地接收(使用看门狗(watchdog)),或随机数与在先前AM中输入的不同,则传输水印指令被认为是失败的且SE202停止向解扰器提供CW。4. SE200 decrypts and authenticates the ACKM. ACKM should contain the same nonce as the one in AM. If the ACKM was not properly authenticated, was not received on time (using a watchdog), or the nonce is different from what was entered in the previous AM, the transmit watermark command is considered a failure and SE 202 stops sending messages to the descrambler The device provides CW.

常见的是,安全激活块202不包括永久存储器。从而无法存储针对准确的抗重放验证的最近的可变值。这就是为什么图4示出了另一方法。要注意的是,即使是在SE202包含永久存储器的情况下也可以应用该方法。Commonly, security activation block 202 does not include persistent storage. Thus it is not possible to store the most recent mutable value for accurate anti-replay verification. This is why Figure 4 shows another approach. Note that this method can be applied even if SE 202 contains persistent storage.

1.SE200向安全激活块202发送第一消息(AM),通知将发送指示消息。在该阶段,该第一消息可以是加密的或明文的。该消息可以包含允许SA202认证第一消息的签名。在图4的示例中,该消息是激活消息AM。1. SE 200 sends a first message (AM) to security activation block 202, informing that an indication message will be sent. At this stage, the first message may be encrypted or in plaintext. This message may contain a signature that allows SA 202 to authenticate the first message. In the example of Fig. 4, this message is an activation message AM.

2.在该消息被加密和签名的情况下,SA202解密并验证该签名。如果签名是正确的,则SA202生成随机数X并向SE200发送包含随机数X的第二消息ACKM。随机数X由SA202存储。在该阶段,第二消息可以是加密的或明文的。该第二消息优选地被加密且包含签名以确保仅真正的SA202能够对其进行生成。2. In case the message is encrypted and signed, SA 202 decrypts and verifies the signature. If the signature is correct, SA202 generates a random number X and sends a second message ACKM containing the random number X to SE200. Random number X is stored by SA202. At this stage, the second message may be encrypted or in plaintext. This second message is preferably encrypted and contains a signature to ensure that only genuine SA 202 can generate it.

3.在SE202接收并解密(如果已被加密)消息ACKM的同时,SE202提取随机数。利用该随机数和水印指令,SE202制备消息,对其进行加密和签名。在指令涉及在内容上禁用水印的情况下,该消息不需要包含标识符。向SA202发送该消息。3. At the same time SE 202 receives and decrypts (if encrypted) message ACKM, SE 202 extracts the random number. Using the random number and watermark instructions, SE 202 prepares a message, encrypts and signs it. Where the instruction refers to disabling a watermark on the content, the message need not contain an identifier. Send this message to SA202.

4.然后,SA202解密并验证签名。如果签名是正确的,则其还验证随机数X与先前存储的值是否相同。如果其不同,则拒绝该消息。在已经通过这些控制时,可以执行在消息中包含的水印指令。4. Then, SA202 decrypts and verifies the signature. If the signature is correct, it also verifies that the nonce X is the same as the previously stored value. If it is different, the message is rejected. When these controls have been passed, the watermark instructions contained in the message can be executed.

5.然后,SA202制备最终的确认消息FACKM,以确认执行水印指令。该消息将包含随机数X且也被加密。5. Then, SA202 prepares the final confirmation message FACKM to confirm the execution of the watermark instruction. This message will contain the nonce X and is also encrypted.

6.SE200接收FACKM,且一旦被解密,就提取SA202的状态。如果SA202确认成功完成水印指令,则SE2002可以向解扰器传输内容密钥。6. SE200 receives the FACKM and once decrypted, extracts the state of SA202. If SA 202 confirms successful completion of the watermark command, SE 2002 may transmit the content key to the descrambler.

Claims (6)

1. one kind for adding the method for watermark to the unpressed content received at client device place, described unpressed content to be in the form of compression and to be encrypted by by least one content key (CW), described content key (CW) and watermark instruction form CAS data, described CAS data are passed through to send secret key encryption and are comprised at least one signature for CAS data described in certification, and described client device comprises:
-conditional access module (CAS), manages described CAS data,
-descrambler (DSC), has the output of the input of the content of the compression for receiving encryption and the content for generation of the compression of deciphering,
-decoder, the Content Transformation for the compression by described deciphering becomes unpressed content,
-watermark inserter (201), is connected to the output of described decoder,
-safe activation module (202), is connected to described watermark inserter (201),
-safe unit (SE200), is connected to described watermark inserter (201) and safe activation module (202),
Said method comprising the steps of:
-receive described CAS data,
-utilize CAS decrypt data described in described transmission double secret key by described conditional access module (CAS),
-verify the signature of described CAS data, and if described signature is effective,
-then transmit described watermark instruction to described safe activation module (202),
-only just transmit described content key (CW) to described descrambler (103) when the transmission success of described watermark instruction,
-transmit described watermark instruction to described watermark inserter (201),
-to be enabled or disabled by described watermark inserter (201) and add watermark to the unpressed content from described Decoder accepts.
2. method according to claim 1, wherein comprises the following steps from described safe unit (SE200) to described safe activation module (202) transmission watermark instruction:
-ask random number (X) by described safe unit (SE200) from described safe activation module (202),
-generate this random number (X) by described safe activation module (202), store described random number (X) and described random number (X) is sent to described safe unit (SE200),
-prepare message by described safe unit (SE200), described message at least comprises described watermark instruction, random number and the signature in described watermark instruction and random number,
-send this message to described safe activation module (202),
-verify that whether described signature is true and whether described random number is identical with the random number previously sent by described safe activation module (202), and when for being, accept described watermark instruction, and
-send final acknowledge message to described safe unit (SE200), have successfully completed described transmission to inform to described safe unit (SE200).
3. method according to claim 1 and 2, wherein said safe activation module (202) and watermark inserter (201) are arranged in the environment of trust, cannot access the connection between these two unit outside the environment of described trust.
4. according to the method described in claims 1 to 3, wherein said CAS data comprise unique identifier, while adding watermark described in enabling, described identifier is transferred to described safe activation module (202) and watermark inserter (201) together with described watermark instruction, and described identifier defines the payload for adding watermark to described content.
5. a client device, comprising: conditional access module (CAS), is responsible for receiving CAS data, and to described CAS decrypt data to obtain watermark instruction and content key (CW), descrambler (DSC), has the output of the input of the content of the compression for receiving encryption and the content for the compression based on described content key generation deciphering, decoder, the Content Transformation for the compression by described deciphering becomes unpressed content, watermark inserter (201), is connected to the output of described decoder, to insert watermark based on described watermark instruction, safe activation module (202), is connected to described watermark inserter (201), safe unit (SE200), be connected to described conditional access module (CAS), descrambler (DSC) and safe activation module (202), it is characterized in that, described conditional access module (CAS) has the device of the signature for verifying described CAS data, and the device had for described watermark instruction to be transferred to described safe activation module (202) in the effective situation of described signature via described safe unit (SE200), described safe unit (SE200) has for verifying whether described watermark instruction is successfully transmitted the device of described watermark inserter, and the device had for described content key being transferred to when Successful transmissions described descrambler (103).
6. client device according to claim 5, wherein said safe activation module (202) comprises the random number generator that can produce random number (X), described safe activation module (202) generates, store described random number, and described random number is sent to described safe unit (SE200), described safe unit (SE200) prepares message, described message at least comprises described watermark instruction, random number, and the signature in described watermark instruction and random number, described safe activation module (202) has such device, this device is for verifying that whether described signature is true, and whether described random number is identical with the random number stored, when for being, accept described watermark instruction, and send final acknowledge message to described safe unit (SE200), described transmission is have successfully completed to inform to described safe unit (SE200).
CN201480022618.6A 2013-04-26 2014-04-11 For the method and apparatus of the embedded watermark in unpressed video data Active CN105191332B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP13165591.2A EP2797334A1 (en) 2013-04-26 2013-04-26 Method and device to embed watermark in uncompressed video data
EP13165591.2 2013-04-26
PCT/EP2014/057342 WO2014173700A1 (en) 2013-04-26 2014-04-11 Method and device to embed watermark in uncompressed video data

Publications (2)

Publication Number Publication Date
CN105191332A true CN105191332A (en) 2015-12-23
CN105191332B CN105191332B (en) 2018-06-01

Family

ID=48190280

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201480022618.6A Active CN105191332B (en) 2013-04-26 2014-04-11 For the method and apparatus of the embedded watermark in unpressed video data

Country Status (10)

Country Link
US (3) US9602890B2 (en)
EP (2) EP2797334A1 (en)
JP (1) JP6333956B2 (en)
KR (1) KR102140356B1 (en)
CN (1) CN105191332B (en)
BR (1) BR112015027099B1 (en)
CA (1) CA2908395C (en)
MX (1) MX347139B (en)
SG (1) SG11201508179YA (en)
WO (1) WO2014173700A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105721951A (en) * 2016-01-28 2016-06-29 华为技术有限公司 Video watermark processing method and device

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10757474B2 (en) * 2018-04-27 2020-08-25 Twentieth Century Fox Home Entertainment Llc Method and apparatus for protecting data via application of corrupting function and complimentary restitution at video processing endpoints
CN109447886B (en) * 2018-10-08 2023-04-11 陕西师范大学 Binding to EMD-2 1 Embedded multi-carrier secret map separate storage method with recovery
CN112383798B (en) * 2020-11-05 2022-05-20 国微集团(深圳)有限公司 Method, system and device for realizing watermark function on CAM
US11842422B2 (en) * 2021-04-30 2023-12-12 The Nielsen Company (Us), Llc Methods and apparatus to extend a timestamp range supported by a watermark without breaking backwards compatibility

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030112974A1 (en) * 2001-12-13 2003-06-19 Levy Kenneth L. Forensic digital watermarking with variable orientation and protocols
US20100128871A1 (en) * 2006-12-05 2010-05-27 Medialive Method and system for the secured distribution of audiovisual data by transaction marking
CN101897182A (en) * 2007-10-30 2010-11-24 纳格拉法国两合公司 Method and system for the secure distribution of audiovisual data by transactional marking
EP2391125A1 (en) * 2010-05-26 2011-11-30 Nagra France Sas Security method for preventing the unauthorized use of multimedia contents

Family Cites Families (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU658014B2 (en) * 1991-11-19 1995-03-30 Macrovision Corporation Method and apparatus for scrambling and descrambling of video signals with edge fill
US5530751A (en) * 1994-06-30 1996-06-25 Hewlett-Packard Company Embedded hidden identification codes in digital objects
US5574787A (en) * 1994-07-25 1996-11-12 Ryan; John O. Apparatus and method for comprehensive copy protection for video platforms and unprotected source material
US5651065A (en) * 1995-03-09 1997-07-22 General Instrument Corporation Of Delaware Insertion of supplemental burst into video signals to thwart piracy and/or carry data
US7224819B2 (en) 1995-05-08 2007-05-29 Digimarc Corporation Integrating digital watermarks in multimedia content
US5809139A (en) * 1996-09-13 1998-09-15 Vivo Software, Inc. Watermarking method and apparatus for compressed digital video
US7644282B2 (en) 1998-05-28 2010-01-05 Verance Corporation Pre-processed information embedding system
US6285774B1 (en) * 1998-06-08 2001-09-04 Digital Video Express, L.P. System and methodology for tracing to a source of unauthorized copying of prerecorded proprietary material, such as movies
US6363149B1 (en) 1999-10-01 2002-03-26 Sony Corporation Method and apparatus for accessing stored digital programs
ATE354255T1 (en) 1998-12-08 2007-03-15 Irdeto Access Bv INFORMATION SIGNAL PROCESSING METHOD
CN1304977C (en) 1999-07-06 2007-03-14 索尼株式会社 Data providing system, device and method thereof
WO2001015162A2 (en) * 1999-08-13 2001-03-01 Microsoft Corporation Methods and systems of protecting digital content
KR20010086038A (en) 1999-09-17 2001-09-07 이데이 노부유끼 Data providing system and method therefor
JP4714980B2 (en) * 2000-10-17 2011-07-06 ソニー株式会社 Content receiving apparatus and content receiving method
WO2002039714A2 (en) 2000-11-08 2002-05-16 Digimarc Corporation Content authentication and recovery using digital watermarks
US7266704B2 (en) 2000-12-18 2007-09-04 Digimarc Corporation User-friendly rights management systems and methods
EP1413143B1 (en) 2001-07-19 2006-05-03 Koninklijke Philips Electronics N.V. Processing a compressed media signal
GB2370732B (en) * 2001-10-17 2003-12-10 Ericsson Telefon Ab L M Security in communications networks
US7516491B1 (en) * 2002-10-17 2009-04-07 Roger Schlafly License tracking system
US7224310B2 (en) * 2002-11-20 2007-05-29 Nagravision S.A. Method and device for the recognition of the origin of encrypted data broadcasting
FR2849563B1 (en) * 2002-12-31 2005-02-11 Medialive CUSTOMIZED MARKING FOR THE PROTECTION OF DIGITAL AUDIOVISUAL STREAMS
US7136709B2 (en) * 2003-11-04 2006-11-14 Universal Electronics Inc. Home appliance control system and methods in a networked environment
US8781967B2 (en) 2005-07-07 2014-07-15 Verance Corporation Watermarking in an encrypted domain
US8291226B2 (en) * 2006-02-10 2012-10-16 Qualcomm Incorporated Method and apparatus for securely booting from an external storage device
US8601590B2 (en) * 2006-04-27 2013-12-03 Panasonic Corporation Content distribution system
WO2008013562A1 (en) 2006-07-24 2008-01-31 Thomson Licensing Method, apparatus and system for secure distribution of content
RU2477572C2 (en) 2007-02-21 2013-03-10 Конинклейке Филипс Электроникс Н.В. Conditional access system
EP1968316A1 (en) 2007-03-06 2008-09-10 Nagravision S.A. Method to control the access to conditional access audio/video content
FR2932042B1 (en) 2008-05-30 2010-05-07 Viaccess Sa METHODS AND SALVES EMITTERS OF DIGITAL MULTIMEDIA CONTENT, RECORDING MEDIUM FOR SUCH METHODS.
EP2251813A1 (en) * 2009-05-13 2010-11-17 Nagravision S.A. Method for authenticating access to a secured chip by a test device
EP2405650A1 (en) * 2010-07-09 2012-01-11 Nagravision S.A. A method for secure transfer of messages
US20120114118A1 (en) 2010-11-05 2012-05-10 Samsung Electronics Co., Ltd. Key rotation in live adaptive streaming
WO2012106245A2 (en) 2011-02-04 2012-08-09 Bickmore Jesse Unique watermarking for digital media
CA2832522C (en) 2011-04-19 2021-09-07 Nagravision S.A. Ethernet decoder device and method to access protected content

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030112974A1 (en) * 2001-12-13 2003-06-19 Levy Kenneth L. Forensic digital watermarking with variable orientation and protocols
US20100128871A1 (en) * 2006-12-05 2010-05-27 Medialive Method and system for the secured distribution of audiovisual data by transaction marking
CN101897182A (en) * 2007-10-30 2010-11-24 纳格拉法国两合公司 Method and system for the secure distribution of audiovisual data by transactional marking
EP2391125A1 (en) * 2010-05-26 2011-11-30 Nagra France Sas Security method for preventing the unauthorized use of multimedia contents

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105721951A (en) * 2016-01-28 2016-06-29 华为技术有限公司 Video watermark processing method and device
CN105721951B (en) * 2016-01-28 2018-12-25 华为技术有限公司 A kind of method and device of video watermark processing

Also Published As

Publication number Publication date
KR20160003675A (en) 2016-01-11
JP2016524828A (en) 2016-08-18
US20160105730A1 (en) 2016-04-14
SG11201508179YA (en) 2015-11-27
MX347139B (en) 2017-04-17
BR112015027099A2 (en) 2017-07-25
CA2908395A1 (en) 2014-10-30
JP6333956B2 (en) 2018-05-30
MX2015014885A (en) 2016-03-07
WO2014173700A1 (en) 2014-10-30
EP2797334A1 (en) 2014-10-29
US9602890B2 (en) 2017-03-21
US9794646B2 (en) 2017-10-17
EP2989804A1 (en) 2016-03-02
US9986308B2 (en) 2018-05-29
US20180048946A1 (en) 2018-02-15
BR112015027099B1 (en) 2023-02-07
CN105191332B (en) 2018-06-01
US20170150233A1 (en) 2017-05-25
CA2908395C (en) 2021-10-12
KR102140356B1 (en) 2020-08-03

Similar Documents

Publication Publication Date Title
US8209535B2 (en) Authentication between device and portable storage
CN107005577B (en) Fingerprint data processing method and processing device
US9986308B2 (en) Method and device to embed watermark in uncompressed video data
CN102415103A (en) Cable television safety communication system for one-way limited access
JP6438459B2 (en) Method for watermarking compressed content encrypted with at least one content key
EP2837197A1 (en) Systems, methods and apparatuses for the secure transmission of media content
CN101094062A (en) Method for implementing safe distribution and use of digital content by using memory card
US8417937B2 (en) System and method for securely transfering content from set-top box to personal media player
CN104243439A (en) File transfer processing method and system and terminals
CN119449499B (en) Security bidirectional authentication method and system
EP2747446B1 (en) Method to enforce watermarking instructions in a receiving device
WO2018157724A1 (en) Method for protecting encrypted control word, hardware security module, main chip and terminal
CN106453430A (en) Method and device for verifying encrypted data transmission paths
CN101902610B (en) Method for realizing safety communication between IPTV set-top box and intelligent card
KR20090024482A (en) Key management system and method for using content
JP2002232410A (en) Communication device and communication method for encrypted data
CN102404119B (en) The method to set up of cryptographic key factors of dynamic tokens, dynamic token and server
CN108243198A (en) A kind of data distribution, retransmission method and device
JP6108952B2 (en) Transmission system and reception apparatus
CN106603534A (en) System sharing traceable encrypted data
CN119484137A (en) Data transmission method and device based on request message
JP2007324896A (en) Receiver, CAS module
JP2016019120A (en) Decoding device, communication system, decoding method, and program

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant